Hi folks, my name is George Chamales. I've been doing security for about ten plus years now and I started off doing work for the US government, pen testing, critical infrastructure type of stuff, then switched over into the private sector where there's an actual bottom line and you could justify good ideas and worked in a variety of different things, corporate pen testing, that sort of thing, then switched over into working independently. And one of the really cool things about working independently is you can work on whatever you want. And so I've been interested in humanitarian work for quite a while and so about two years ago I decided to start working in that field. And I'm here today because the humanitarian technology community needs your help. These groups and these organizations that are working in disasters and crises have all the same challenges that a normal IT infrastructure has, but they have a whole bunch of new ones that come from the sort of work that they're doing. And one of the things I'd like to talk to you about today is a new technology that's being used in the world of humanitarian response called crisis mapping. And the way crisis mapping works is pretty straightforward. When there's a crisis there's a set group of professional aid agencies and they provide aid in the form of medicine, food, water to people inside of the crisis. And that's the way it's always been. But now the people inside of the crisis have new technology, communication technology like phones that can send out SMS messages and Facebook accounts, Twitter accounts and they can send out YouTube videos. And as a result there's a huge amount of information that's coming out of the crisis areas and out of disaster areas. And crisis mapping is the process of collecting that information, processing it into a series of reports, handing those off to the aid agencies so they can provide much more targeted aid to the people that are affected by these disasters.
Now the largest crisis mapping deployment that's taken place in about the two years since the technology has been around took place following the earthquake in Haiti. Where even though the city of Port-au-Prince was decimated when a massive earthquake struck a city that was made entirely out of unreinforced concrete, a group of technologists were able to get the SMS infrastructure back online very quickly. And another group of people were able to procure the SMS short code 4636. They broadcasted that SMS code out to the population saying send us what is happening around you. And this allowed people on the ground to send out SMS messages that could be picked up. The first problem was they were all in Haitian Creole. So a team of a thousand volunteers from the Haitian diaspora were contacted over Facebook and plugged into an online system that allowed them to provide translations for these messages. So now we know what is actually being said but we don't know the location. Because remember this is Port-au-Prince. There was no Google Street View. There were very few georeference databases. So those same volunteers and additional volunteers from the internet provided geolocation of the messages based on what was coming through on the SMS. And then those reports were forwarded on to the aid organizations using GeoRSS. It was a really fantastic project. A lot of good work came of it. Lives were saved. And it's an excellent example of how this technology can be really useful in a natural disaster. The problem is that natural disasters don't shoot back. And now the same technology is being used in places where there are active hostile groups. The first large scale deployment that I worked on was supporting a team on the ground in Pakistan who were responding to the nationwide flooding that took place last year in the middle of last year. And things were going fairly smoothly. We brought a system online.
We had teams of volunteers that were geolocating reports from the ground as well as field reports coming in from the UN. And then this happened. So now we're in a position where we are building a map and there is an active hostile group, the Taliban, who has said that they are going to target foreign aid workers. And we have a giant map that contains the location of foreign aid workers. We had to adapt accordingly. The next building that I worked on was in Sudan for a nationwide referendum, voting referendum. This is an image of what is believed to be a mass grave in the South Kordofan region that was picked up by a group called Satellite Sentinel. Again, we were working with a local NGO on the ground in Sudan and had to deal with a number of issues. We received obviously fake reports. Things like everything is fine at this polling location and everyone is voting for the ruling party. Stuff that we knew we couldn't trust. We had our site blocked by the internet companies inside of Sudan so people could not reach it initially. And we had an inadvertent DoS based on the flaw on the platform we were using. The most recent large scale deployment that I did was the Libya crisis map, which we started in early March when Libya was just beginning to see some basic civil unrest. And we ran it as it turned into a full scale war. The Libya crisis map was unique for a number of reasons. And one of which is that it was the first time that we worked without a team on the ground. Instead, a group that I worked with in this field was requested by the United Nations to set this system up so that they could have insight into what was happening on the ground, both inside of Tripoli and the border towns where there was a significant refugee presence. We had a number of things to deal with at that point.
Things like protecting the observers, the people who were reporting from the ground inside of the war zone, verifying the information that was coming out because it was being fed directly to the response agencies, allowing them to determine what to do. And trusting all of the processing that was done because we used an entire group of volunteers from the internet. What's fascinating when you look at this technology is that the largest deployment took place in Haiti in a natural disaster. And now it's being used in Libya in an active war zone in less than 18 months. And it's an accelerating trend. We now have active deployments taking place in Syria, Bahrain, and Egypt. The good news is that the good guys are catching on to this technology. They're starting to recognize its value. This is a tweet from the head of the World Food Programme talking about how good Libya crisis map is. The bad news is the bad guys are also catching on. There's a team in Egypt that's done a number of these deployments. And last year they were approached by the secret police who demanded back end access to their system so that the secret police could see who was logging in and submitting messages to them. And so we all work in security. We all know how this plays out when we start dealing with security of new technologies. And what I'm really concerned about is that we're about to go from the ooh shiny to the oh shit moment in crisis mapping. And that's a definite concern because in this situation we have a lot of very, very significant consequences. The most grievous of which, the one I'm most concerned about is that if something significantly bad enough happens to one of these deployments, if it does get compromised and people do get hurt as a result of it, the big aid agencies, the ones who are best positioned to make use of this technology will just stop using it.
They'll label it as a liability and a risk and it won't matter that there's lots of people on the ground who are broadcasting useful information because there won't be anyone there to hear it. So there's a couple of us who work in security and have security backgrounds that have been working on this technology. And we're in the process of trying to get ahead of the bad guys on this. So what we're doing, the reason I'm here today is I want to talk about what we've done so far. What has happened over the last several years with this technology. And to get a little bit of feedback from the audience, both inside the presentation and afterwards, on the things that I'm saying. Because I'll be discussing not only the bad things that can happen, but some of the ways that we're looking to come up with a basic set of best practices. So as I go through this presentation and the rest of the presentation and talk about things, please pay attention. If there's something that I don't say, something that I don't talk about, an attack that you see, a vulnerability that you see, please remember it. If there's a little bit of time at the end, I'll try to take some questions. I'll be back in the speakers room afterwards. Or please contact me by email. Because it's entirely possible that you could come up with something that we aren't seeing. And as a result, we could build that into these best practices and they could really help people out in the field. And finally, I want to get some interest in the security community because this is really important technology. There's a lot of good work to be done. And we went through a couple of different ways to present this information. One way to do it would be to just walk through the steps that take place in an actual deployment. I had planned to bring an online system that would allow people to go through and be able to send attacks at it during the presentation.
The problem was right before I flew out here, I noticed there was a really awesome new feature that was inserted into the platform I was going to be letting everyone attack. And that is the ability to add arbitrary JavaScript from the admin interface to the site. And which is an awesome feature. You know, you can do all sorts of great stuff and then I thought about it happening at DEF CON. So, you know, I've got the images online and I'll talk about where you can grab those if you want to download them and, you know, JavaScript inject yourselves to your heart's content. So, you know, the cool thing about this is that the approach that's taken in these types of deployments all pretty much runs the same way. You know, there's just been a blank in the country of blank as a team from blank were responsible for deploying a crisis map in order to blank. Just to kind of speed things up, let's just say that there's been a revolution in the country of Turkestan. And if you've never heard of Turkestan, it's because it doesn't actually exist, let's just assume it's somewhere around here-ish. And, you know, Turkestan has been ruled by a dictatorial government, came to power in a military coup, a very active police tendency to monitor the internet, monitor the cell phone networks and arrest, torture and kill people that disagree with Turkestan. So, to make things a little bit more interesting, what I'd like to do is I'd like to have you guys play a certain role as we go through. I'm going to be asking some questions about what do you want to see, what do you think is a good idea for these types of deployments. And over at Black Hat what I did is I split the audience up into the bad guys and the good guys. But we're all devious bastards here, so let's just say that you're the bad guys and ask you, if you guys are the bad guys, if you're the Turkestani secret police, the local terrorist cell, the local drug smugglers, what do you want to see happen?
What is going to give you the best opportunity to compromise these deployments, to screw things up, to stop the people from succeeding? And the first question is, as a team from the blank, who is it that's going to be setting these things up? And the most important thing that we found for these types of deployments is that the people who are setting these things up and running them do need to be on the ground. Until we get to the point where all the aid agencies and all the aid organizations are known to connect into these systems, it's imperative that there be advocates on the ground who can go to the meetings, you know, the group meetings, interact with the people that are actually doing the work and make them aware of what is happening. And based on the experiences that we've seen, these are individuals not affiliated with any particular organization, a local NGO, a media organization, and for this example, let's assume that it's a member of the independent media organization, not the Turkestani state run media, an international NGO like the Red Cross or the UN, or a military type organization, an external military, not the Turkestani military who is running this. So what I'd like to do is take a second, think about this, picture yourself as a bad person, what you would do to each of these groups and who you would like to see running it to give you the greatest opportunity for screwing up the deployment. I'm going to take a water. I'm going to get a show of hands. Who here wants this platform to be run by an individual? Who wants it to be run by a local NGO? Who wants it to be run by an international NGO? And who wants it to be run by the military? All right, now one of the things that I'm concerned about as I go back to the crisis mapping community, one of the first things that's going to happen is I'm going to be accused of giving the bad guys ideas, of listing the attacks that can take place.
And so I could try to go through and lecture the people I'm talking to about security through obscurity, why you must assume that the bad guys know the system, but instead I'd like to make the point that I sat in front of a group of people at a security conference and presented this to them and knowing nothing about it, they were able to put their hand up and tell me what you picked and why. Yes. That's a great point. So she said international NGO because they don't necessarily understand what's happening on the ground and they do have resources and supplies, things that the bad guys would want to pick up. That's an excellent point. So the idea is he wants to use an individual because he can corrupt the individual and then make use of the technology. One more person. Yep. So local NGO because they can be worn down, they don't have good resources and when they start to get worn out, you can take them out. All excellent, absolutely great points. Thank you very much. I'm going to ask that a couple more times and the cool thing about this is that these are answers that seem like, you know, because duh to us, but when you start talking to people who don't think like security people, who don't think in terms of attacks and defense, it's going to be things that they won't immediately do. So this is a breakdown, my off-the-cuff breakdown, of who's currently running these types of deployments. What you see is by and large a lot of them are being done by individuals because people can just set this technology up, they don't have to get approval. It's being picked up by local NGOs. More and more, there's been some tests by media organizations, Al Jazeera did a pilot in, oh God, in Gaza. Al Jazeera did a pilot in Gaza. There's been some basic work by international NGOs, the Libya crisis map and there's one or two groups that I'm aware of in the US military who are working with this technology.
The issue is, the first issue is that there is no, you know, central organization who's responsible for doing this. So the entire process for setting up is entirely ad hoc. This is a quote that came across one of the crisis mapping groups shortly after the map that was online so that they could send volunteers to it. The problem is there's this pervasive assumption inside the community that just because you have the skills to set up one of these systems means that you have the same skills needed to run it and in fact the skills needed to actually set it up are tiny compared to the skills and the effort needed to run it. Think about the Haiti response, which required over a thousand members of the diaspora community to work for this project. The first thing that we're going to do is we're going to have to make sure that they actually know what they're doing. But because we're in the place where we don't know who's going to be setting these things up in any given crisis in a disaster, we're at the point where we have to build trust on the fly with whoever's running them. And what we found in doing this is there's kind of three core concepts that we can use for trying to develop their story. The next is reputation. The individual who set up the deployment in Pakistan was a guy who was a TED fellow and a tech CEO. And so TED, the smart people's conference, they do vetting and he's a tech CEO so he has to have some kind of skill. Still he knew nothing about crisis mapping but he seemed to be kind of a smart guy. And then finally we have history. Past experiences with a particular person. And in this case the problem with the Mumbai bomb blast was somebody we'd worked together with on PakReport in Pakistan. So we had a background with him. But the problem with anybody being able to set these things up on the ground is like you mentioned direct attacks. These are news reports about bloggers who have been arrested.
These are people who set up one website with just their opinion on it. And to my mind that these types of attacks, they could be targeted in the same way as bloggers makes it seem like a pretty short jump to me. And remember we're in a position where the secret police are already contacting these groups. So when you think about direct attacks we've got kind of a range of vulnerabilities where the individuals, the local NGOs on the ground like you guys said are the ones who are most susceptible to attack. The other concern is that we don't have hostile organizations. And this could be something like someone is picked up and their account is tortured out of them. This could be somebody who is paid by money. This could be a computer that is hacked. And our primary defense against that is isolation of operations. This is equivalent to the need to know approach in the government security community. But what you see when you think about isolation of operations is that they should not necessarily be done by individuals. So we have our threats to deployment managers, but let's assume we've got somebody who's willing to do this, the next question is they're responsible for deploying a crisis map. And crisis maps have got to do a couple of things. They've got to collect messages from the ground, process them into reports and present those out. And right now you have three options for what your crisis map platform is going to be. You've got to be able to pull things in and put them on a map somehow. You can glue together existing geolocation services and social media services. Or we're also beginning to see some open source applications that are being built specifically for this and used in the field. So back to you guys as the Turkestanis, when someone wants to set one of these things up, what do you want them to use? Think about it for a second. Who wants to see a platform that is coded from scratch? All right. Who wants to see existing services glued together?
All right. And who wants to see these open source applications? So by and large, open source applications, why do you want it to be an open source app? Is that what you want to do as a bad person or as a good person? You're saying that it's useful and transferable to other situations. Oh, you're not a bad person. Who wants to tell me why they'd want it to be an open source app? Exactly. So you have the code, you can figure out your attacks ahead of time, you know how to subvert it. One more person. Gentleman in the blue shirt. What did you pick and why? Open source for the same reason? What we're seeing a lot is this is being used primarily by open source projects. And the key from the good person's side for using open source applications is where we need to we don't have time to go back and ask vendors for a patch if something goes wrong. And we need to be able to add new features and new functionality on the fly as it's needed by our deployment by the response organizations. But the downside of course to that is we are going to have code vulnerabilities. This is going to take place whenever you write something that's code. The particular open source app that we have is the public reports listing. So you can connect to the private reports by going directly to the URL for that report and they're all labeled sequentially by ID number. They showed up in the reports listing. So just the public reports listing of reports they didn't think to check the privacy flag. And they also leaked into the search system. And this is kind of funny from a security standpoint because they kind of screwed it up just about at the beginning. The problem though is that we found the direct URL access bug during the Sudan deployment. We found the reports listing bug during one of the Egyptian deployments and the search leakage during the Libya crisis map deployment. All situations where we're dealing with sensitive information. So code vulnerabilities are definitely a concern.
One of the ways that we've gone around dealing with that is again an actual sensitive information and ran that on a completely private system. So the Libya crisis map initially started off as a password protected limited access deployment where access was only given to response organizations who contacted the UN. And midway through the deployment the UN thought this is really great. This is really useful. This is really impressive work these people are doing. Let's make it public. So now all the analysis, the information is really available to anyone in the world. So what we did as a compromise on that is we kept our private password protected system where we had an ideally limited attack surface because everything was behind at least basic authentication. And we set up the public Libya crisis map which is the thing that was promoted on the internet. And that public crisis map did not receive any kind of sensitive information. We stripped out all the public links to media organizations. We left those in as well. And we put the entire transfer process on a 24-hour delay so that there is a limited usefulness of the data to people on the outside world. The next thing we have to decide is where do you want to actually have this deployed? So you have to run the system somewhere. And your basic options again are a local server on the internet or hosted on the cloud. So could I get a show of hands from the Turkestani bad guys out there, where do you want this system to be hosted? Do you want it to be hosted on a local server in the country? Do you want it to be hosted on the internet? One hand. And then you put it down really quickly. Do you want it to be hosted on the cloud? Alright. Someone who said they wanted to host it on the cloud, could you tell me why? Sir. Okay. So you can shut down the internet and the local server. Sir. Actually, ma'am. Gain physical access? Yep. It's much easier to attack something that's local and it's inside your country.
So you're absolutely right. The main concern for local servers are direct attacks. Fortunately we haven't had that happen that I am aware of. What we have had though is service interruption on the internet. The bad guys have figured out the internet off switch. Not only to shut off internet for the entire country, but even if the internet is in Syria have just flat out cut the internet, Bahrain has significantly upped the number of sites that they're blocking. This is what happened to us we believe in Sudan. Fortunately we were on a cloud provider so we were able to switch IPs really quickly and they weren't able to catch up and catch on to the fact that our IP had changed and the site was back online. The other thing we have to worry about is message interception. How there's a belief that the various groups inside of the Middle East are using different tools to actually crack Skype. This is something that's particularly concerning for us because Skype is like the de facto communication standard that's used for everybody who's doing this sort of work. So what we're working on to deal with this is the concept of we know that the local servers are potentially vulnerable to attack. We know the cloud servers can be anonymized traffic back and forth. This is similar to what we were doing with Libya crisis map where we're switching between a public and a private instance but we're also going to be doing it from the cloud back on to the ground. On the off chance that the server is attacked, that the server is compromised on the ground, the bad guys aren't going to be able to find the sort of sensitive information they're going to want to get and they're going to want to be able to do that. So we're just covering a lot of these questions. Who are we? Where are we deploying? What are we deploying? And the last question of course is what are we going to do this for?
And there's a huge variety of different things that this can be done for doing things like tracking the location of people in need that have been affected by a crisis, monitoring for war crimes and collecting information that can be used in the future. We've gone through all of this work and ideas and thought process and looked at these different vulnerabilities but we're still inside of that tiny little dot. There's still a lot of work that has to be done around these types of deployments to actually make them successful. And we have things like spreading the word, actually getting the message out to the populace to the people that we're going to be collecting information from about what it is like to use a private network, pretend to ideally people that have been trained ahead of time. This is what's being done in a lot of the vote monitoring types of deployments where it's using a small set of vote monitors who already know protocols both for reporting and ideally for security. Or you can just put the word out to absolutely, totally everyone out there who will listen letting them know hey this thing is online, send us your information. The first concern with passing the actual emergency, please call 9-1-1. And in situations where the system that's being used to collect this data is not directly linked to the response organizations, kind of indirectly linked there's people on the ground trying to promote it for use by the response organizations, there's the possibility that they could be intercepting messages and the people on the ground could think that they're going to be getting an automatic response from this and so they won't think to go out and contact the actual aid organizations who may have been involved in this corruption. 
This is a tweet that went out during the Sudan, not the Sudan deployment that I worked on, but another one that was tracking violence inside of Khartoum, basically saying hey don't go to this site, it's been infiltrated by the Sudanese government. The problem with this, there are a number of problems. The first is that it was actually a false message. The actual message had been sent out by the people running the platform that they couldn't trust that it wasn't being intercepted, but by the time it made it to Twitter, the message had turned into don't go here, it's been compromised by the government. So the message that's being passed out is liable to be inadvertently corrupted, but there's also the potential that it can be intentionally corrupted. So the next step is collecting messages, we've gotten the word out, the platform is online, people have heard about it and they're now starting to send data back in to the media. The primary concern with the submission of messages is attribution. The ability for people who are monitoring these systems to be able to track the message back to an individual. And when we're dealing with direct collection processes from things like SMS phone, things that are definitely coming from one person directly to your platform. The other process is to use something like social media where it's being broadcast out to the world and we're dealing with direct messages through SMS e-mail or people connecting to a particular site online. At that point somebody who's monitoring the network has got both the end point where the messages are going to and they're able to track back the people who are actually sending them. In the case of social media that it's a little bit more indirect because the message is going up to some place in the cloud, some kind of service and it can be very challenging to hunt out who's behind it and what their username and password is and then figure out who this actual person is.
However, we do now have these platforms that are collecting these messages for people and presenting them online which could cut out at least the hunting down the message part for the bad guys. And then we have protected attribution from the media where they have by far a much more limited scope and understanding of what's happening on the ground compared to the entire citizen population who's got the ability but they do have a little bit of coverage because they are media and they're able to protect not only themselves but ideally they've got systems in place to also protect the people that are reporting to them. Again, with any kind of collection process we do have to worry about service interruption and message interception. These same sort of issues that are going to affect the platform location are also going to affect the passing of messages. The next stage is we've gone and put the word out. We've put the platform online. Things are going relatively smoothly. People are now starting to send messages into the platform, messages that are being collected. Now those messages need to be processed and that processing is not necessarily that easy. Think about Haiti. In Haiti they received over 50,000 SMS messages in the several weeks during their deployment that all needed to be looked through and processed. And so the processing has to be done in a system. And right now the sort of groups that we have to do this are a local team on the ground which is what the Haiti deployment eventually transitioned over to. We're now seeing in the crisis mapping community teams of individuals who are members of this community and willing to work for this work on these deployments and are aware of it and kind of know the ropes. They're still relatively small relative to the online volunteers. Just anybody out there on the internet like the Pakistan deployment that we worked on. We're also beginning to see some initial work on automated analysis. I like my internet clouds there.
Automated analysis systems to actually process these messages in an automated fashion. The problem is those are still very experimental systems and in any case they're going to need to be fed good data that's created by groups of people. So at least for the immediate future we're going to have to rely on groups of people to process the messages one way or the other. And right now the primary technology that people are using, these groups are using, is a giant shared Google Doc. They just take all the volunteers, throw them into a shared Google Doc and give them kind of a basic workflow of how they should go through and process these messages. From a security standpoint it's terrifying that they're doing this but from an actual usability standpoint it pains me to say well because you can actually get groups of people online, they can see everybody else is working on it, they can see the progress is being made, it's a very good morale builder. This particular doc was one of the ones that was used during the Libya crisis map by a group called the Standby Task Force that I helped found last October to start standardizing some of the processes and the response and organizing groups of individuals and teams to deal with each of these efforts.
The one issue with the Standby Task Force that we have is it's designed for short term deployments, and we started off the Libya crisis map with a relatively small group of people that were pulled from the community that we were already aware of. And then when it came time for us to transition off, we went back to the UN and said, we're a short term solution here, we'd either shut it down or you guys need to find people to work on it. And they said, oh, that's no problem at all, we've got a UN volunteer corps that we can put out broadcasts at saying who wants to work on this stuff. So we went from our relatively small closed community of people to an open call across the internet to say who wants to work on this system. So all the operational security that we put in place around protecting people's privacy, etc., etc., etc., was going to be blown by the opportunity for infiltration. And again we're back at this concept that it could be somebody who is turned, somebody who is working directly for a state organization, etc. The folks who let people into the Libya crisis map through the UN, they did try to do some basic background checks on the people. They asked for Facebook accounts, Skype IDs, Twitter accounts to try to prove that they were like an actual person, but that's not actually real security.
What we're looking at instead as a potential model is to deal with something called crowdsourced micro-tasking: the idea that we can take the steps that are involved in the processing of these messages and split them up into siloed processes, that people would only be able to work on an assembly line on one particular action, be that in geolocation or categorization or filtering. So what we'd be able to do ideally is add at the front of this queue something for anonymization, so we could take people that have an established trust inside of an organization and focus their work on just stripping out personally identifiable information and then passing that on to other people further on down the chain
to provide different pieces of work. One of the concerns though is that we've now still got added in this idea of privacy, so we can strip out the identifiable information, but we now have to worry about things like accuracy. The micro-tasking system there was used last week for deployment, or for an exercise, that replayed some of the English translated messages from Haiti, and the team involved with a team of volunteers went through using this micro-tasking system to do each of these steps, including geolocation. And it worked pretty well when you look at this map, seeing where these volunteers were able to identify where inside of Haiti the messages were coming from, inside of Haiti, where these messages were coming from. This is where the rest of the messages that they were processing ended up getting mapped, because what we had was untrained volunteers going through, taking the first thing that looked like a location, slapping it into Google Maps and then copying the latitude and longitude back into the report. So we had things all over the place. You see a big bump inside of France, where the Haitian Creole is very similar to French and so there's a lot of French names for towns. The one that they put in Alexandria, Egypt, which means that they not only didn't realize what they were doing, but it didn't occur to them that the Arabic script on top of the city names was unusual. So we have to worry about an accuracy in the system, and this is people that are trying to do their best, and it doesn't even take into account the potential for people who are trying to purposefully put in misleading information.
And so the solution that we have to that is more sophisticated crowd sourcing. The image here is from a crowd sourcing platform that was used during the Pakistan deployment that's run by a company called CrowdFlower, and CrowdFlower has got a significantly, just a really, really cool infrastructure in place that lets you do something beyond just presenting the information. You can
actually track and score the people who are working on it. So again we're starting to see this constant of corroboration, where in the Pakistan deployment we required that before a message was moved to the location step, multiple people had to agree that it was in the same place, and this is multiple random people. We also had the ability to get to scoring accuracy from the people that are working on these platforms. This is done by inserting known good data, you call it gold data, into the message stream and seeing what answers people come up with based on that gold data. So you're kind of inserting tests into the process as they're working on the system. And then finally, places like CrowdFlower user bases, because it's used similar to Mechanical Turk by a group of people who are familiar with the system, and so you're able to see this kind of reputation where you can see they've been, they worked on this other thing and they were pretty accurate. And so we hope that systems like this will help us deal with the inaccuracy and help minimize the potential disruption from people who are just making honest mistakes or people who are inside the system trying to purposefully screw things up.
So we've gone through this entire process. We've set up the system, we've put the word out, we've collected the messages, and now we're at the final step where we need to decide what we want to approve, what we want to think is actually true. And report verification is something that is the primary question that we're always asked by the agencies, kind of the big questions: how can we trust this information, how do we verify this data? And the answer is it's very, very hard. I don't know how many of you are familiar with the Gay Girl in Damascus blog. Show of hands, how many people heard of that? Alright. So for those of you that don't know, the Gay Girl of Damascus blog was this blog in Syria that was chronicling the life of this young girl who is living in Syria under this despotic regime, and there was
bad things happening to people who were homosexual, and everyone was really concerned about it. The problem was that the Gay Girl in Damascus was actually a married guy in Ireland, and the entire thing was completely and totally faked, and he got away with it for months and months and months, fooling everybody, and it was on CNN, etc., etc. And this is really, really going to be a very difficult problem to deal with, and there is no easy answer to it. The best that we're working on right now is again that concept of corroboration, reputation and history. And the Gay Girl in Damascus blog is an excellent example, where the information was out there, people believed it, it was very accurate, it was very detailed, but where this started to fall apart was when a reporter, I believe from the UK, who is widely known as kind of being an authoritative source of the mining of social media, he received word from some people that he knew that there were certain things inside of these messages, inside of these blog posts, that weren't adding up. They couldn't find people inside of the media in Damascus who knew of this girl, and then they started digging more and more and more into the actual electronic side of things and found things that further didn't line up, like where the domain was registered, where the posts were coming from, etc. And so we see another use case for this concept of corroboration, you know, the information couldn't be corroborated by people who are on the ground; you know, reputation, where the word came out from a reporter who was, you know, very, very well established as an authoritative source of information in the Middle East; and he in turn got that message from people who had a long history of trusted reports. So from there they were able to work this back.
We had a similar case during the Libya crisis map where we received word, including images, that indicated there were white phosphorus attacks taking place, which would have been a very, very serious
escalation in hostilities. And what the volunteers dug into the metadata for the reports, as it was told to me by one of the coordinators, and were able to pull out information that indicated to them that this does not take place at the time that the report was purporting that it came from, and so they ultimately dismissed it, and there have not been to my knowledge any further reports indicating that that was actually true. So when we go through this entire process we still end up back at this concept of corroboration, reputation and history.
And then the final, once the reports are actually put online and they're presented, there's the possibility that it's no longer in our hands what's actually going to happen to it. The first concern is things like misinterpretation. One of the first deployments that I ever did, just when I was starting to get used to this technology, was tracking a night of rioting that took place in my hometown of Oakland, and I was just monitoring Twitter and pulling information from Twitter and from the Internet. And at one point there is a woman who, there was a cop car who was kind of starting to get closed in by protesters, and he was backing up, I mean maybe ten-ish miles an hour, and he just brushed a woman that didn't see the cop car coming. The woman went down. My understanding is that she then got back up and was able to leave and walk away. And we saw this happen. We actually, it's on video, you can find live video from the helicopters. And we were now faced with a question, like, do we want to report this, was this actually news? And we decided not to. And then the next day I received an email from an acquaintance on the east coast saying, hey, I saw your map, it was really great, but you didn't have the report about the woman who was murdered when she was run over by the cops. And that's a great example of how these things can get away from you, and, you know, I responded back to her
no, we didn't report that. The other thing we have to worry about is manipulation. If something does get all the way through, what can be done with purposefully forged reports and how can we detect those? I really, really liked Moxie's concept of trust agility, and I think that's something that we're absolutely going to have to work in to our system going forward: at every step in this process is the ability to retract who we trust at any given situation. And finally the risk of utilization, the possibility of these messages, these platforms can be utilized by the bad guys. And this is one of the reasons that we try to do things like keep them private, not post them online unless we have to; if we do have to present information, prevent presenting information that is delayed, that is not as useful to an adversary.
And so we've got all these problems, all these potential issues, all these things that can go wrong, and the big question is, is it worth it? You know, as somebody who's working in security and has all the potential attacks, my opinion is that yes, it's absolutely worth it. This technology, despite the issues, has got a huge amount of promise, and the challenges that come in are things that are expected. You know, this technology is being used in hostile conflict zones where there is an absolute need for security, and it would be silly to think that for some reason the IT side of things would be exempt from that need for security. And so the approach that we'll be taking over the next months and years is going to be to develop a set of standards and best practices that can be used to allow people to do these types of deployments safely and securely, and identify the ways and get the word out so that people know about it and they're able to do these things at the beginning. And the other reason is that eventually something is going to go wrong. Someone is not going to get the word, something is going to slip through the cracks
that we weren't expecting, a new attack is going to emerge, and bad things will eventually happen. And when that does, it's going to be vitally important that we have something to show the response agencies, the large organizations who would be inclined to walk away from the technology at this point, to be able to explain to them that this technology can be done securely, there are things that can be done, and unfortunately in this particular case, you know, something got through. So we will have a response in the event that something bad does happen, because this technology's got a lot of things that can be used for not just inside of an actual disaster. This is what became of the Haiti deployment. It was initially set up for the response to the earthquake and is now run by a local company inside of Haiti who is using it to track a significant amount of information, not just about, you know, the actual disaster, and it's become a resource to the entire community, tracking everything from the location to the hospitals and the caller response, and it's become established as a long term ongoing support to the Haitian country, and will be there in place for the next disaster, whenever, whatever that is.
So there are a couple of groups that I'd like to specifically call out that are doing really great work in this area, an excellent opportunity for people who are interested in working in this space. The first is Crisis Mappers, which is kind of one of the main mailing lists and main community groups for the crisis mapping community, that includes both members of the volunteer community, the developer community, and a significantly growing group of professional responders who are taking part in this. The next is the Standby Task Force, which is a group that's been responsible for providing volunteers for these large scale deployments. We're working on developing standard
tools, technologies and work flows to make this possible, and this is the team that worked on the Sudan referendum and the Libya crisis map. And finally Crisis Commons. Is Heather here? So Crisis Commons is a group that was started by Heather Blanchard, who's a longtime member of the media goons, and they do a number of different projects, from everything from setting up wikis during disasters to providing weekend hackathons where people can contribute code and new tools for some of these deployments that are taking place, and they do fantastic work. On the right side there's a set of the tools that we're using. Ushahidi is the one that's been used in a lot of these deployments and a lot of the screenshots you saw. FrontlineSMS is a very simple Java based SMS gateway that's being used for a variety of things throughout impoverished countries. Sahana is like your opens, is like a Swiss Army knife for disaster managers, and OpenStreetMap is an awesome, awesome kind of wiki equivalent to Google Maps.
So the final question I have for you guys is, as I've gone through, as I've talked about these things, just based on how you think, you've come up with things that weren't in the presentation, you've come up with things that I missed, that I wasn't thinking about or didn't have time to talk about up here. What I could really use your help in doing is coming up to me, talking to me, sending me an email, I'll be back in the question and answer room, about those things. Tell me what we aren't thinking about, because we need your help in pen testing these ideas. That's everything I've got. Thank you very much.
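Added example, not part of the talk and not code from CrowdFlower or the Standby Task Force: a sketch of the two controls described for the geolocation step, scoring volunteers against gold data and requiring several trusted volunteers to agree before a location is accepted. The function names, thresholds (5 km tolerance, quorum of 2, minimum score 0.5) and all sample answers are assumptions constructed for illustration.

```python
from math import asin, cos, radians, sin, sqrt

def km(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

def score_volunteers(answers, gold, tol_km=5):
    """Fraction of gold (known-answer) messages each volunteer placed within tol_km."""
    hits, seen = {}, {}
    for vol, msg, loc in answers:
        if msg in gold:
            seen[vol] = seen.get(vol, 0) + 1
            hits[vol] = hits.get(vol, 0) + (km(loc, gold[msg]) <= tol_km)
    return {vol: hits[vol] / seen[vol] for vol in seen}

def corroborate(answers, msg, scores, min_score=0.5, quorum=2, tol_km=5):
    """Agreed (lat, lon) for msg, or None when too few trusted volunteers agree."""
    # One vote per volunteer; volunteers never tested on gold data score 0.
    votes = {vol: loc for vol, m, loc in answers
             if m == msg and scores.get(vol, 0) >= min_score}
    best = []
    for centre in votes.values():
        group = [loc for loc in votes.values() if km(centre, loc) <= tol_km]
        if len(group) > len(best):
            best = group
    if len(best) < quorum:
        return None
    return (sum(p[0] for p in best) / len(best), sum(p[1] for p in best) / len(best))

# Constructed sample data: g1/g2 are gold messages, m1/m2 are live reports.
GOLD = {"g1": (18.2343, -72.5347), "g2": (19.7594, -72.1982)}
ANSWERS = [
    ("ana", "g1", (18.2350, -72.5340)), ("ana", "g2", (19.7600, -72.1990)),
    ("ben", "g1", (18.2330, -72.5360)), ("ben", "g2", (19.7580, -72.1970)),
    ("cy", "g1", (48.8566, 2.3522)), ("cy", "g2", (31.2001, 29.9187)),
    ("ana", "m1", (18.5944, -72.3074)), ("ben", "m1", (18.5950, -72.3080)),
    ("cy", "m1", (48.8566, 2.3522)),
    ("ana", "m2", (18.5125, -72.2853)), ("cy", "m2", (18.5125, -72.2853)),
]

if __name__ == "__main__":
    scores = score_volunteers(ANSWERS, GOLD)
    print(scores)
    for m in ("m1", "m2"):
        print(m, corroborate(ANSWERS, m, scores))
```

Report m2 stays unverified even though two answers match exactly, because one of them comes from a volunteer who failed the gold checks and so cannot supply the corroborating vote.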